Engels Antonio: SHA-1 Cracked!

Associate professor Wang Xiaoyun of Beijing’s Tsinghua University and Shandong University of Technology has cracked SHA-1, a widely used data security algorithm.

TAIPEI—Within four years, the U.S. government will cease to use SHA-1 (Secure Hash Algorithm) for digital signatures, and convert to a new and more advanced “hash” algorithm, according to the article “Security Cracked!” from New Scientist . The reason for this change is that associate professor Wang Xiaoyun of Beijing’s Tsinghua University and Shandong University of Technology, and her associates, have already cracked SHA-1.

Wang also cracked MD5 (Message Digest 5), the hash algorithm most commonly used before SHA-1 became popular. Previous attacks on MD5 required over a million years of supercomputer time, but Wang and her research team obtained results using ordinary personal computers.

In early 2005, Wang and her research team announced that they had succeeded in cracking SHA-1. In addition to the U.S. government, well-known companies like Microsoft, Sun, Atmel, and others have also announced that they will no longer be using SHA-1.

Two years ago, Wang announced at an international data security conference that her team had successfully cracked four well-known hash algorithms—MD5, HAVAL-128, MD4, and RIPEMD—within ten years.

A few months later, she cracked the even more robust SHA-1.

Focus and Dedication

According to the article, Wang’s research focusses on hash algorithms.

A hash algorithm is a mathematical procedure for deriving a ‘fingerprint’ of a block of data. The hash algorithms used in cryptography are “one-way”: it is easy to derive hash values from inputs, but very difficult to work backwards, finding an input message that yields a given hash value. Cryptographic hash algorithms are also resistant to “collisions”: that is, it is computationally infeasible to find any two messages that yield the same hash value.

Hash algorithms’ usefulness in data security relies on these properties, and much research focusses in this area.

Recent years have seen a stream of ever-more-refined attacks on MD5 and SHA-1—including, notably, Wang’s team’s results on SHA-1, which permit finding collisions in SHA-1 about 2,000 times more quickly than brute-force guessing. Wang’s technique makes attacking SHA-1 efficient enough to be feasible.

MD5 and SHA-1 are the two most extensively used hash algorithms in the world. These two algorithms underpin many digital signature and other security schemes in use throughout the international community. They are widely used in banking, securities, and e-commerce. SHA-1 has been recognized as the cornerstone for modern Internet security.

According to the article, in the early stages of Wang’s research, there were other researchers who tried to crack it. However, none of them succeeded. This is why in 15 years hash research had become the domain of hopeless research in many scientists’ minds.

Wang’s method of cracking algorithms differs from others’. Although such analysis usually cannot be done without the use of computers, according to Wang, the computer only assisted in cracking the algorithm. Most of the time, she calculated manually, and manually designed the methods.

“Hackers crack passwords with bad intentions,” Wang said. “I hope efforts to protect against password theft will benefit [from this]. Password analysts work to evaluate the security of data encryption and to search for even more secure … algorithms.”

“On the day that I cracked SHA-1,” she added, “I went out to eat. I was very excited. I knew I was the only person who knew this world-class secret.”

Within ten years, Wang cracked the five biggest names in cryptographic hash algorithms. Many people would think the life of this scientist must be monotonous, but “That ten years was a very relaxed time for me,” she says.

During her work, she bore a daughter and cultivated a balcony full of flowers. The only mathematics-related habit in her life is that she remembers the license plates of taxi cabs.